﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using MySql;
using MySql.Data;
using MySql.Data.MySqlClient;
using MySql.Data.Entity;
using ASV.Classes;
using System.Data;

namespace ASV.Account
{
    public partial class Benutzerhinzufuegen : System.Web.UI.Page
    {
        protected void Page_Load(object sender, EventArgs e)
        {
            Authentication auth = new Authentication();
            int userGroup;
            int allowedGroup;


            if (auth.isLoggedIn() == true)
            {
                userGroup = int.Parse(HttpContext.Current.Session["benutzertyp"].ToString());
                allowedGroup = 3;
                if (auth.checkUserGroup(userGroup, allowedGroup) == false)
                {
                    Response.Redirect("~/Error.aspx");
                }
            }
            else
            {
                Response.Redirect("~/Error.aspx");
            }
        }

        protected void hinzufuegen_Click(object sender, EventArgs e)
        {   
            string vorname = Vorname.Text;
            string nachname = Nachname.Text;
            string email = Email.Text;
            string passwort = Passwort.Text;
            string passwortWiederholen = PasswortWiederholen.Text;
            string benutzergruppe = Benutzergruppe.Text;

            bool errorStatus = true;
            string errorText = "<ul>";

            if (this.checkEmail(email) == false)
            {
                errorText += "<li><b>Email</b>: Diese E-Mail wird bereits verwendet</li>";
                errorStatus = false;
            }

            if (this.checkPassword(passwort, passwortWiederholen) == false)
            {
                errorText += "<li><b>Passwort</b>: Die Passwörter stimmen nicht überein</li>";
                errorStatus = false;
            }

            errorText += "</ul>";

            if (errorStatus == false)
            {
                errors.Text = errorText;
            }
            else
            {
                this.insertUser(vorname, nachname, email, passwort, benutzergruppe);
                benutzerhinzufugen.Visible = false;
                errors.Text = "";
                erfolgsmeldung.Visible = true;
            }
        }

        private bool checkPassword(string password, string passwordRepeat)
        {
            if (password != passwordRepeat)
            {
                return false;
            }
            return true;
        }

        private bool checkEmail(string email)
        {
            Connection mycon = new Connection();
            MySqlCommand selectUser = new MySqlCommand();
            
            string SQL = "SELECT * FROM benutzer WHERE email = '" + email + "'";
            selectUser.CommandText = SQL;
            selectUser.Connection = mycon.getConnection();

            MySqlDataAdapter adapter = new MySqlDataAdapter(selectUser);
            MySqlDataReader reader = selectUser.ExecuteReader();

            if (reader.HasRows == true)
            {
                return false;
            }
            return true;
        }

        private void insertUser(string vorname, string nachname, string email, string passwort, string benutzergruppe)
        {
            Connection connection = new Connection();
            
            string SQL = "INSERT INTO `benutzer` (`vorname`,`nachname`,`email`,`passwort`,`benutzertyp`) VALUES ('" + vorname + "', '" + nachname + "', '" + email + "', '" + passwort + "', '" + benutzergruppe + "')";
            connection.insertUpdate(SQL);
        }
    }
}